Information Security
Contents
- 1 Definitions
- 1.1 European Definitions
- 1.2 Other International Definitions
- 1.3 National Definitions
- 1.3.1 Albania
- 1.3.2 Argentina
- 1.3.3 Australia
- 1.3.4 Austria
- 1.3.5 Belarus
- 1.3.6 Brazil
- 1.3.7 Costa Rica
- 1.3.8 Croatia
- 1.3.9 Cuba
- 1.3.10 Czech Republic
- 1.3.11 Denmark
- 1.3.12 Egypt
- 1.3.13 Finland
- 1.3.14 France
- 1.3.15 Gambia
- 1.3.16 Germany
- 1.3.17 Georgia
- 1.3.18 Guatemala
- 1.3.19 Italy
- 1.3.20 Jamaica
- 1.3.21 Japan
- 1.3.22 Jordan
- 1.3.23 Kuwait
- 1.3.24 Macedonia
- 1.3.25 Malta
- 1.3.26 Mongolia
- 1.3.27 Montenegro
- 1.3.28 Netherlands
- 1.3.29 Norway
- 1.3.30 Philippines
- 1.3.31 Portugal
- 1.3.32 Russian Federation
- 1.3.33 Serbia
- 1.3.34 Sierra Leone
- 1.3.35 Switzerland
- 1.3.36 Uganda
- 1.3.37 Ukraine
- 1.3.38 United States
- 1.3.39 Uruguay
- 1.3.40 Vanuatu
- 1.4 Regional Definitions
- 1.5 Other Definitions
- 1.6 Standard Definition
- 1.7 Dictionary
- 2 Notes
- 3 References
Definitions
European Definitions
ECA
[BG] Кибератака: Опит за подкопаване или унищожаване на поверителността, целостта и наличието на данни или на компютърна система чрез киберпространството.
[CS] Bezpečnost informací: Soubor postupů a nástrojů chránících fyzické a digitální údaje před neoprávněným přístupem, použitím, zveřejněním, narušením, pozměněním, zaznamenáním nebo zničením.
[DE] Informationssicherheit: Reihe von Prozessen und Instrumenten zum Schutz von physischen und digitalen Daten vor Zugriff, Verwendung, Preisgabe, Störung, Änderung, Erfassung oder Zerstörung durch Unbefugte.
[DK] Informationssikkerhed: Det sæt af processer og værktøjer, der beskytter fysiske og digitale data mod uautoriseret adgang, anvendelse, videregivelse, afbrydelse, ændring, registrering eller ødelæggelse.
[ES] Seguridad de la información: Conjunto de procesos y herramientas que protegen los datos físicos y digitales del acceso no autorizado, el uso, la divulgación, la perturbación, la modificación, el registro o la destrucción.
[NE] Informatiebeveiliging: Een reeks processen en instrumenten voor de bescherming van fysieke en digitale gegevens tegen onbevoegd(e) toegang, gebruik, vrijgave, verstoring, wijziging, opname of vernietiging.
Other International Definitions
IAEA
Note: In addition, other properties such as authenticity, accountability, non-repudiation and reliability can also be involved.
NATO
United Nations
World Bank
In a computing context, the term security implies cybersecurity.
National Definitions
Albania
Argentina
Australia
Austria
Informationssicherheit / Netzwerksicherheit ist ein Überbegriff zu IKT-Sicherheit und bezieht sich auf alle relevanten Informationen einer Organisation oder eines Unternehmens einschließlich von nicht elektronisch verarbeiteten Informationen. Es bezeichnet somit die Summe der Eigenschaften einer Organisation, die dem Schutz der Vertraulichkeit, Verfügbarkeit und Integrität der Informationen dienen. [12]
Information may be available as spoken text, paper documents or other directly readable media or as electronically processed data in ICT systems.
Belarus
(The state of the protection of balanced interests of the individual, society, and the state from external and internal threats in the information space)
Brazil
Information Security is the protection of information systems against denial of service to authorised users, as well as against intrusion and unauthorised modification of data or information stored in processing or in transit, covering even the safety of human resources, documentation and material, of the areas and facilities of communications and computing, as well as to prevent, detect, deter and document any threats to its development.
Costa Rica
Croatia
Information security is the state of confidentiality, integrity and availability of information, which is achieved by implementation of stipulated information security measures and standards and by organisational support for jobs of planning, implementation, assessment and update of measures and standards. [17] [18]
Cuba
Czech Republic
Information security: Security (protection) of confidentiality, integrity and availability of information. [20]
Security (protection) of confidentiality, integrity and availability of information. [22]
Denmark
Egypt
Finland
Information Security are arrangements aiming at ensuring the availability, integrity and confidentiality of information. -unofficial translation- [25]
Information security refers to the administrative, technical and other measures that protect and secure information, services, systems and telecommunications and manage their risks in all security situations. [27]
Tietoturvallisuus on myös asiantila, jossa tietojen, tietojärjestelmien ja tietoliikenteen luottamuksellisuuteen, eheyteen ja käytettävyyteen kohdistuvat uhkat eivät aiheuta merkittävää riskiä (Information security is also a condition in which threats against the confidentiality and integrity of information, information systems and telecommunications security do not pose a significant risk).
France
Sécurité des systèmes d’information: Ensemble des mesures techniques et non techniques de protection permettant à un système d’information de résister à des événements susceptibles de compromettre la disponibilité, l’intégrité ou la confidentialité des données stockées, traitées ou transmises et des services connexes que ces systèmes offrent ou qu’ils rendent accessibles. [29]
Gambia
Germany
IT security is the condition in which availability, integrity and confidentiality of information and Information Technology are ensured by appropriate safeguards. [33]
Georgia
Information security - an activity that protects information and information systems' access, integrity, authentication, confidentiality, and the continuing of work.
(raw translation - CIPedia looks for a proper translation in English)
Guatemala
Italy
It includes the necessary safeguards to detect and counter intrusions.
Jamaica
Note: The terms information security, computer security and information assurance are understood for these purposes as being interchangeable.
Japan
Jordan
أِٓ اٌّؼٍىِبد ---- ٓخسعخص كٔخ٣ش حُٔؼِٓٞخص ٖٓ حُذخٍٞ ٝحالعظخذحّ ٝحإلكظخف ٝحُ٘شش ٝحُظؼذَ٣ ٝحُظللض ٝحُظلون ٝحُظغـَ٤ أٝ حإلطالف ؿ٤ش حُٔشخض. أٖٓ حُٔؼِٓٞخص ٞٛ ٓظطِق ػخّ ٌٖٔ٣ حعظخذحٚٓ رظشف حُ٘ظش ػٖ شٌَ حُز٤خٗخص عٞحء ًخٗض ِٞٔٓعش أٝ اٌُظش٤ٗٝش أٝ ؿ٤شٛخ [39]
Kuwait
Macedonia
Malta
Mongolia
Montenegro
Information security means the condition of confidentiality, integrity and availability of data. Information security focuses on data, regardless of their form: electronic, print or other forms of data.
Netherlands
Cyber Security Centre
NEN-ISO
- Integriteit is de eigenschap dat de nauwkeurigheid en volledigheid van bedrijfsmiddelen wordt beveiligd.
- Vertrouwelijkheid is de eigenschap dat informatie niet beschikbaar wordt gesteld of wordt ontsloten aan onbevoegde personen, entiteiten of processen.
- Beschikbaarheid is het kenmerk dat iets toegankelijk en bruikbaar is op verzoek van een bevoegde entiteit.
National security
Bijzondere Informatie wordt onderscheiden in Staatsgeheimen en in niet-Staatsgeheime Bijzondere Informatie. Er is sprake van een Staatsgeheim als het belang van de Staat of zijn bondgenoten in het geding is en indien kennisname door niet-gerechtigden kan leiden tot schade aan deze belangen. Er is sprake van niet-Staatsgeheime Bijzondere Informatie indien kennisname door nietgerechtigden kan leiden tot nadeel aan het belang van één of meer ministeries.
NEN 7510 - Health sector
- Integriteit is hierbij de eigenschap van nauwkeurigheid en volledigheid.
- Vertrouwelijkheid is hierbij de eigenschap dat informatie niet beschikbaar of niet bekend wordt gemaakt aan onbevoegde personen, entiteiten of processen.
- Beschikbaarheid is hierbij de eigenschap van het toegankelijk en bruikbaar zijn op verzoek van een bevoegde entiteit.
Other
Het treffen en onderhouden van een samenhangend pakket aan maatregelen om de beschikbaarheid, integriteit en vertrouwelijkheid te borgen. [52]
Norway
Digital sikkerhet handler om beskyttelse av «alt» som er sårbart fordi det er koblet til eller på annen måte avhengig av informasjons- og kommunikasjonsteknologi. Brukes synonymt med begrepene IKT-sikkerhet og cybersikkerhet. [55]
ICT security is how business-critical electronic networks and systems that process data or communicate with each other are protected. [57]
Philippines
Portugal
Russian Federation
(raw translation) Information security of the Russian Federation (hereinafter - information security) - the state of protection of the individual, society and state from internal and external IT threats, which provide realisation of constitutional rights and freedoms of man and citizen, decent quality and standard of living of citizens, sovereignty, territorial integrity and sustainable socio-economic development of the Russian Federation, the defense and security of the state.
Information security (raw translation): the state of protection of the individual, the organization and the state and their interests from threats, destructive and other negative impacts in the information space.
Serbia
Sierra Leone
Switzerland
Informationssicherheit / IKT-Sicherheit: Informationssicherheit (oder IKT-Sicherheit) ist die Unversehrtheit der Authentizität, Vertraulichkeit, Integrität und Verfügbarkeit eines informations- und kommunikationstechnischen Systems und der darin verarbeiteten und gespeicherten Daten. [67]
Sécurité de l’information / sécurité informatique: La sécurité de l’information (ou sécurité informatique) vise à garantir l’authenticité, la confidentialité, l’intégrité et la disponibilité des données traitées par un système d’information et de communication ou enregistrées dans celui-ci. [68]
Sicurezza delle informazioni/ Sicurezza delle TIC: La sicurezza delle informazioni (o sicurezza delle TIC) è data dalla garanzia dell’autenticità, della confidenzialità, dell’integrità e della accessibilità di un sistema TIC e dei dati che vengono elaborati e salvati in questo sistema. [69]
Uganda
Ukraine
United States
FISMA
NIST
(A) integrity, which means guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity;
(B) confidentiality, which means preserving authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary information; and
(C) availability, which means ensuring timely and reliable access to and use of information. [44 U.S.C., Sec. 3542]. [73]
Uruguay
Vanuatu
Regional Definitions
Isle of Man
Tamil Nadu
Other Definitions
East-West Institute (Russia-US)
Кибербезопасность: свойство (киберпространства, иберсистемы), противостоять, намеренным и/или, ненамеренным угрозам, а также, реагировать на них и, восстанавливаться после воздействия этих угроз. [80]
Standard Definition
ISO/IEC 27000:2014
IETF
Dictionary
Notes
References
- ↑ NATO - EU - UN glossary
- ↑ European Court of Auditors, Challenges to effective EU cybersecurity policy, Briefing Paper, March 2019
- ↑ IAEA - Nuclear Security Series Glossary Version 1.3 (November 2015)
- ↑ NATO - EU - UN glossary
- ↑ NATO - EU - UN glossary
- ↑ Cyber Security Glossary, World Bank (2015)
- ↑ PROJEKT LIGJ PËR SIGURINË KIBERNETIKE
- ↑ ENERGY REGULATOR AUTHORITY REGULATION ON CYBER SECURITY OF CRITICAL INFRASTRUCTURES IN THE POWER SECTOR
- ↑ Oficina Nacional de Tecnologías de Información ADMINISTRACION PUBLICA NACIONAL Disposición 3/2013 - Apruébase la “Política de Seguridad de la Información Modelo” (2013)
- ↑ Protective Security Policy Framework - Glossary Oct 2017
- ↑ Austrian Cyber Security Strategy, Federal Chancellery of the Republic of Austria, Vienna (2013)
- ↑ Österreichische Strategie für Cyber Sicherheit (2013)
- ↑ Концепция Националъной Безопасности, Министерство Внутренних Дел Рецпублики Беларусъ, 2010
- ↑ GUIA DE REFERÊNCIA PARA A SEGURANÇA DAS INFRAESTRUTURAS CRÍTICAS DA INFORMAÇÃO Versão 01 (Nov. 2010)/ Decreto Nº 3.505, de 13 de junho de 2000. Presidência da República, Casa Civil, Subchefia para Assuntos Jurídicos. Institui a Política de Segurança da Informação nos órgãos e entidades da Administração Pública Federal. Brasília, 2000.
- ↑ Estrategia Nacional de Ciberseguridad de Costa Rica (2017)
- ↑ Nacionalna strategija kibernetičke sigurnosti (2015)
- ↑ Article 2 of the Information Security Act
- ↑ National Cyber Security Strategy (2015)
- ↑ Glossary of Cyber terms/Glosario de términos, Centro de Seguridad del Ciberespacio
- ↑ 20.0 20.1 [1]
- ↑ Zákon č. 181/2014 Sb. o kybernetické bezpečnosti a o změně souvisejících zákonů (zákon o kybernetické bezpečnosti)
- ↑ Cyber Security Explanatory Glossary (2013)
- ↑ Danish Cyber Security Strategy, 2014
- ↑ Glossary of the National Telecom Authority (NTA), Egypt
- ↑ Vocabulary of Comprehensive Security. Helsinki (TSK 47) (2014)
- ↑ Yhteikunnan Turvallisuusstrategia, Valtioneuvoston periaatepäätös 16.12.2010
- ↑ Security Strategy for Society, Government Resolution 16.12.2010
- ↑ Information systems defence and security: France's Strategy
- ↑ La Stratégie de la France en matière de défense et de sécurité des systèmes d’information (2011)
- ↑ THE GAMBIA NATIONAL CYBERSECURITY STRATEGY (2019)
- ↑ Cyber-Sicherheitsstrategie für Deutschland 2021
- ↑ Cyber-Sicherheitsstrategie für Deutschland 2016
- ↑ Unpublished working glossary of UP KRITIS and BSI, 2014
- ↑ cyber_security_politics.docx (2012)
- ↑ La Estrategia Nacional de Seguridad Cibernética (June 2018)
- ↑ IL LINGUAGGIO DEGLI ORGANISMI INFORMATIVI Glossario (2013)
- ↑ Jamaica's National Cyber Security Strategy
- ↑ The Second National Strategy on Information Security, Japan, 2009
- ↑ National Cyber Security Strategy (2018-2023) - 2023-2018 حُغ٤زشح٢ٗ -ظشحط٤ـ٤ش حُٞؽ٤٘ش ُألٖٓ ح
- ↑ Glossary Communication and Information Technology Regulatory
- ↑ НАЦИОНАЛНА СТРАТЕГИЈА ЗА САЈБЕР БЕЗБЕДНОСТ НА РЕПУБЛИКА МАКЕДОНИЈА 2018 -2022
- ↑ National Cyber Security Strategy of the Republic of Macedonia (2018)
- ↑ Malta Cyber Security Strategy 2023-2026
- ↑ Security Concept of Mongolia EN.pdf The Concept of National Security of Mongolia, Government of Mongolia
- ↑ Strategija o bezbjednosti 2013-2017 (2012)
- ↑ Strategija sajber bezbjednosti Crne Gore 2022-2026 (2021)
- ↑ Cyber Security Beeld Nederland 2018
- ↑ NEN-ISO/IEC-27001 en 27002
- ↑ Algemene Beveiligingseisen voor Defensieopdrachten (ABDO), 2006
- ↑ NEN 7510-1
- ↑ NEN 7510-2
- ↑ Zakboekje Preventie Cybercrime (2008
- ↑ 2016 Nationaal Cyber Security Beeld
- ↑ National Cyber Security Strategy for Norway (2019)
- ↑ Nasjonal strategi for digital sikkerhet (2019)
- ↑ Nasjonal strategi for informasjonssikkerhet (2012)
- ↑ Cyber Security Strategy for Norway (2012)
- ↑ DND GLOSSARY OF CYBER SECURITY TERMS (v.4)
- ↑ NHS Cyber security glossary
- ↑ Glossário Centro National de Cibersegurança Portugal
- ↑ Glossário Centro National de Cibersegurança Portugal
- ↑ Указ Президента Российской Федерации от 05.12.2016 № 646 "Об утверждении Доктрины информационной безопасности Российской Федерации"
(Presidential Decree of 12.5.2016 number 646 "On approval of the Doctrine of the Russian Federation Information Security") - ↑ КОНЦЕПЦИЯ СТРАТЕГИИ КИБЕРБЕЗОПАСНОСТИ РОССИЙСКОЙ ФЕДЕРАЦИИ (Draft Cyber Security Strategy 2016)
- ↑ ЗАКОН О ИНФОРМАЦИОНОЈ БЕЗБЕДНОСТИ (Law on Information Security), Serbia
- ↑ National Cyber Security Strategy 2021 - 2025 (2023)
- ↑ SN002 - National strategy for Switzerland’s protection against cyber risks (NCS) 2018-2022 (2018)
- ↑ SN002 - Nationale Strategie zum Schutz der Schweiz vor Cyber-Risiken (NCS) 2018-2022 (2018)
- ↑ SN002 - Stratégie nationale de protection de la Suisse contre les cyberrisques (SNPC) 2018-2022 (2018)
- ↑ SN002 - Strategia nazionale per la protezione della Svizzera contro i cyber-rischi (SNPC) 2018-2022 (2018)
- ↑ National Information Security Policy (2011)
- ↑ Ukraine, Submission to the United Nations General Assembly Resolution A/58/373, 2003
- ↑ The Federal Information Security Modernization Act of 2014 (FISMA)44 U.S.C. § 3552(b)(2).
- ↑ NIST Special Publication 800 NIST SP 800-66r2 Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule, A Cybersecurity Resource Guide
- ↑ NISTIR 7298 rev 2: Glossary of Key Information Security Terms, May 2013/NIST SP 800 series
- ↑ NIST Special Publication 800-53 Rev 4: Security and Privacy Controls for Federal Information Systems and Organizations (April 2013)
- ↑ Glossary CERTuy
- ↑ National Cybersecurity Strategy 2030
- ↑ Isle of Man National Cyber Security Strategy (2018-2022)
- ↑ Tamil Nadu Cyber Security Policy (2020)
- ↑ RUSSIA-‐U.S. BILATERAL ON CYBERSECURITY: CRITICAL TERMINOLOGY FOUNDATIONS
- ↑ ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
- ↑ IETF RFC449 Internet Security Glossary 2
- ↑ Cybersecurity Woordenboek 2021